Unverified Commit 36e45e19 authored by Steven Allen's avatar Steven Allen Committed by GitHub

Merge pull request #61 from libp2p/fix/no-dns

fix: don't allow dialing DNS addresses
parents e74d5f34 3ddabafa
...@@ -70,10 +70,12 @@ func NewTCPTransport(upgrader *tptu.Upgrader) *TcpTransport { ...@@ -70,10 +70,12 @@ func NewTCPTransport(upgrader *tptu.Upgrader) *TcpTransport {
return &TcpTransport{Upgrader: upgrader, ConnectTimeout: DefaultConnectTimeout} return &TcpTransport{Upgrader: upgrader, ConnectTimeout: DefaultConnectTimeout}
} }
var dialMatcher = mafmt.And(mafmt.IP, mafmt.Base(ma.P_TCP))
// CanDial returns true if this transport believes it can dial the given // CanDial returns true if this transport believes it can dial the given
// multiaddr. // multiaddr.
func (t *TcpTransport) CanDial(addr ma.Multiaddr) bool { func (t *TcpTransport) CanDial(addr ma.Multiaddr) bool {
return mafmt.TCP.Matches(addr) return dialMatcher.Matches(addr)
} }
func (t *TcpTransport) maDial(ctx context.Context, raddr ma.Multiaddr) (manet.Conn, error) { func (t *TcpTransport) maDial(ctx context.Context, raddr ma.Multiaddr) (manet.Conn, error) {
......
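Review bot: Only `CanDial` is switched to the new `dialMatcher`; `maDial` on the next line still takes an arbitrary `raddr`, and its body lies outside this hunk, so it is not visible whether a caller that skips `CanDial` can still hand a `/dns4/...` address to the dialer. If that path is reachable, the name would presumably be resolved below the transport, and any address filtering applied to the multiaddr beforehand would never see the resulting IP. Consider repeating the check where the dial starts, e.g. `if !dialMatcher.Matches(raddr) { return nil, fmt.Errorf("tcp transport cannot dial %s", raddr) }`. The new variable also deserves a comment stating the intent, such as `// dialMatcher accepts only IP+TCP multiaddrs; DNS names must be resolved before they reach this transport.`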
...@@ -36,6 +36,27 @@ func TestTcpTransport(t *testing.T) { ...@@ -36,6 +36,27 @@ func TestTcpTransport(t *testing.T) {
envReuseportVal = true envReuseportVal = true
} }
func TestTcpTransportCantDialDNS(t *testing.T) {
for i := 0; i < 2; i++ {
dnsa, err := ma.NewMultiaddr("/dns4/example.com/tcp/1234")
if err != nil {
t.Fatal(err)
}
tpt := NewTCPTransport(&tptu.Upgrader{
Secure: makeInsecureTransport(t),
Muxer: new(mplex.Transport),
})
if tpt.CanDial(dnsa) {
t.Fatal("shouldn't be able to dial dns")
}
envReuseportVal = false
}
envReuseportVal = true
}
func TestTcpTransportCantListenUtp(t *testing.T) { func TestTcpTransportCantListenUtp(t *testing.T) {
for i := 0; i < 2; i++ { for i := 0; i < 2; i++ {
utpa, err := ma.NewMultiaddr("/ip4/127.0.0.1/udp/0/utp") utpa, err := ma.NewMultiaddr("/ip4/127.0.0.1/udp/0/utp")
......
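Review bot: `TestTcpTransportCantDialDNS` pins the new restriction only for `/dns4/example.com/tcp/1234`, so a later change to the matcher that re-admits another DNS protocol would pass unnoticed. Iterating over a small list that also holds `/dns6/...` and `/dnsaddr/...` forms would close that gap, as would one positive case such as `/ip4/127.0.0.1/tcp/1234` asserting that `CanDial` still returns true. Separately, `envReuseportVal` is restored only on the last line, and `t.Fatal` in the second loop iteration exits with it still `false` for whatever test runs next. A `defer func() { envReuseportVal = true }()` at the top of the function avoids that.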